RE: problems with draft-jenkins-ipsec-rekeying-06.txt
Paul Koning <pkoning@xedia.com> Tue, 18 July 2000 16:48 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id JAA01867; Tue, 18 Jul 2000 09:48:26 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id KAA19291 Tue, 18 Jul 2000 10:47:44 -0400 (EDT)
From: Paul Koning <pkoning@xedia.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <14708.28716.793630.882538@xedia.com>
Date: Tue, 18 Jul 2000 10:56:44 -0400
To: andrew.krywaniuk@alcatel.com
Cc: henry@spsystems.net, hugh@mimosa.com, TJenkins@Catena.com, ipsec@lists.tislabs.com, hugh@toad.com, gnu@toad.com
Subject: RE: problems with draft-jenkins-ipsec-rekeying-06.txt
References: <Pine.BSI.3.91.1000717181505.18264I-100000@spsystems.net> <002101bff062$c1335010$d23e788a@andrewk3.ca.newbridge.com>
X-Mailer: VM 6.72 under 21.1 (patch 9) "Canyonlands" XEmacs Lucid
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
>>>>> "andrew" == andrew krywaniuk <andrew.krywaniuk@alcatel.com> writes: >> > Internet drafts are written in a mix of English and jargon; >> sometimes the > two languages overlap and it confuses people. >> >> I don't actually think that's an issue here... andrew> I think it is. There is a mathematical/logical definition of andrew> "unique" which goes something like: andrew> a is unique in Z if for all b in (Z exclude a) a is not equal andrew> to b. Indeed. And the real issue actually is that Z has not been defined. We need to find Z. Or, more precisely, the smallest sufficient Z. >> The primary criterion for choice when resolving ambiguities should >> be technical merit, not closeness to the original intent. andrew> I disagree here. The time to weigh technical merit is BEFORE andrew> the protocol is standardized and everyone has implemented andrew> it. Ambiguities should be resolved according to the intent of andrew> the clause and the way most people interpreted it. andrew> If it turns out that the protocol is actually lacking in andrew> technical merit, then it is time to change the protocol. But andrew> that should be done in a backwards compatible way that does andrew> not break all existing implementations. Mostly agreed. Given that we have an existing protocol with existing implementations, we should: a. Choose the meaning that "most" have used, if we can find it *and* if it is technically correct (i.e., secure), b. Failing that, choose a technically correct interpretation that's backwards compatible with most of the existing implementations, if there is one, c. Failing that, choose a technically correct interpretation (that's not backwards compatible). You left out (c) which is the last fallback, but you must have that one. (You can't choose backwards compatibility at the expense of security.) paul
- problems with draft-jenkins-ipsec-rekeying-06.txt D. Hugh Redelmeier
- RE: problems with draft-jenkins-ipsec-rekeying-06… Tim Jenkins
- procedural RE: problems with draft-jenkins-ipsec-… Henry Spencer
- RE: problems with draft-jenkins-ipsec-rekeying-06… D. Hugh Redelmeier
- Re: procedural RE: problems with draft-jenkins-ip… Paul Koning
- RE: problems with draft-jenkins-ipsec-rekeying-06… Andrew Krywaniuk
- RE: problems with draft-jenkins-ipsec-rekeying-06… Mason, David
- Re: problems with draft-jenkins-ipsec-rekeying-06… Dan Harkins
- Re: problems with draft-jenkins-ipsec-rekeying-06… Dan Harkins
- RE: problems with draft-jenkins-ipsec-rekeying-06… D. Hugh Redelmeier
- RE: problems with draft-jenkins-ipsec-rekeying-06… Andrew Krywaniuk
- RE: problems with draft-jenkins-ipsec-rekeying-06… Henry Spencer
- Re: problems with draft-jenkins-ipsec-rekeying-06… Dan Harkins
- RE: problems with draft-jenkins-ipsec-rekeying-06… andrew.krywaniuk
- RE: problems with draft-jenkins-ipsec-rekeying-06… Henry Spencer
- RE: problems with draft-jenkins-ipsec-rekeying-06… Paul Koning
- RE: problems with draft-jenkins-ipsec-rekeying-06… Andrew Krywaniuk
- RE: problems with draft-jenkins-ipsec-rekeying-06… andrew.krywaniuk
- RE: problems with draft-jenkins-ipsec-rekeying-06… Paul Koning
- RE: problems with draft-jenkins-ipsec-rekeying-06… D. Hugh Redelmeier
- RE: problems with draft-jenkins-ipsec-rekeying-06… Andrew Krywaniuk